package com.catsic.practice.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

/**
 * @Author: zhangzf
 * @CreateTime: 2025-10-24  17:36
 * @Description: 安全策略配置
 */
/*@EnableWebSecurity
@Configuration*/
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .anyRequest().permitAll()  // 允许所有请求
                .and()
                .csrf().disable()          // 禁用CSRF
                .httpBasic().disable()     // 禁用HTTP Basic认证
                .formLogin().disable()     // 禁用表单登录
                .logout().disable();       // 禁用登出
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().anyRequest();   // 忽略所有请求的安全检查
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        // 返回一个空的AuthenticationManager
        return authentication -> {
            throw new UnsupportedOperationException("认证已禁用");
        };
    }
    // 添加空的UserDetailsService Bean
    @Bean
    @Override
    public UserDetailsService userDetailsService() {
        // 创建测试用户
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        // 学生用户
        manager.createUser(User.withUsername("student")
                .password("{noop}password")
                .authorities("ROLE_USER")
                .build());

        // 辅导员
        manager.createUser(User.withUsername("instructor")
                .password("{noop}password")
                .authorities("ROLE_USER", "ROLE_INSTRUCTOR")
                .build());

        // 班主任
        manager.createUser(User.withUsername("headTeacher")
                .password("{noop}password")
                .authorities("ROLE_USER", "ROLE_HEAD_TEACHER")
                .build());

        // 教导主任
        manager.createUser(User.withUsername("director")
                .password("{noop}password")
                .authorities("ROLE_USER", "ROLE_DIRECTOR")
                .build());

        return manager;
    }
}
